On 14 Jun 2022, at 10:39 pm, Tanmay Sawant <tanmay...@gmail.com> wrote:
Thank you, Shane and Arshad. Let me clarify the use case a little bit. Here I am trying to access the web application (e.g O365) on my laptop/desktop and during the authentication process, I want to use mobile application (In place of hardware FIDO key) to complete the FIDO2 authentication. I believe to achieve this, we need to first register the mobile device/app with the desktop by using some kind of software or hardware like the Bluetooth pairing device.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/ABB77B4E-72E9-4BE1-83A8-BC425E87D3CC%40gmail.com.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/493FC446-77DA-49E2-8278-049C2903D000%40gmail.com.
Why would you implement CTAP when you can just call the system FIDO2 APIs?
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/12f183a7-2356-437b-935a-633fd80d0683n%40fidoalliance.org.
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/MN2PR00MB0480830AA87903B649B104F695BB9%40MN2PR00MB0480.namprd00.prod.outlook.com.
I'm not sure I fully understand your question. The system FIDO APIs are nearly identical to the WebAuthn browser API. You create a credential for an origin and can then request an assertion for that same origin (bound to your app) for authenticating the user.
Android sample: security-samples/Fido at main · android/security-samples (github.com)
Android docs: FIDO2 API for Android | Google Identity | Google Developers
Apple docs: Public-Private Key Authentication | Apple Developer Documentation
tim
To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/MN2PR00MB04803E6277D6EF03369BCAFB95BB9%40MN2PR00MB0480.namprd00.prod.outlook.com.